Sherman's Security Blog
I am Sherman Hand. (also known as Policysup) I have created this blog and will use a part of my day to write about what is going on in the world. I hope to discuss things in a down to earth and practical way. I hope to hear back from you on your thoughts. I do not in any way intend to speak for my employer. The content of this blog will be either opinions that are strictly mine, general observations,re posts, or information that is already in the public domain.

Centene Corporation has begun the process of notifying 950,000 members who may have been affected by a possible data breach.

On Monday, the multi-line healthcare enterprise announced that it was launching a search for six hard drives that are currently unaccounted for among its information technology assets:

“Centene takes the privacy and security of our members’ information seriously,” Michael F. Neidorff, Chairman, President and CEO of the company, said in a press release. “While we don’t believe this information has been used inappropriately, out of abundance of caution and in transparency, we are disclosing an ongoing search for the hard drives. The drives were a part of a data project using laboratory results to improve the health outcomes of our members.”

The missing hard drives are thought to contain the personal health information of approximately 950,000 individuals who received laboratory services from Centene between 2009 and 2015, including members’ names, addresses, dates of birth, social security numbers, member IDs numbers, and other health information.

“Consistent with our policies around communication and transparency, we are beginning the process of notifying all affected individuals and all appropriate regulatory agencies as we continue to search and investigate,” Neidorff went on to comment.

Centene will also offer customers free credit and healthcare monitoring while it works to revamp its IT asset management strategy.

Even so, Centene is not the only company to have misplaced IT assets. Back in 2007, two password-protected CDs owned by Her Majesty’s Revenue and Customs (HMRC) were lost in the mail. This incident compromised the information of 25 million UK children and parents.